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EXAMINER 'S AMENDMENT 

1. Claims 1, 2, 4, 6-18, 38-43 are allowed. 

2. An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to appUcant, an amendment may be filed as provided by 37 
CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no 
later than the payment of the issue fee. 

3. Authorization for this examiner's amendment was given in a telephone interview with 
William Tucker (Reg. No. 41,356) on 3/23/2011. 

4. The application has been amended as follow: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

1. (Currently Amended) A system for enhancing security of end user station access 
to an Internet and intranet over access network with an access point, comprising: 
a gateway packet data node; 
a packet data support node; 

wherein said gateway packet data node further comprises security indication providing 
means for providing an security indicated access point with a security criterium indication and 
for distributing said security criterium indication to said packet data support node; 

wherein said packet data support node further comprises a security enforcement 
mechanism for preventing all other traffic not fulfilling the security criterium indication 
associated with said security indicated access point when there is a connection requiring security 
over the security indicated access point, at least until a last packet of the security indicated access 
point connection has been sen t; and 

wherein the security criterium indication comprises an indication as to the criterium to be 
fulfilled for concurrent conflicting access point connections in order for the concurrent 
conflicting access point connections to be allowed simultaneouslv with a first secure access point 
connection . 
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2. (Previously Presented) A system according to claim 1 wherein the security 
criterium indication comprises a security marking indicating the access point supports the 
provision of secure access point connections. 

3. (Canceled) 

4. (Previously Presented) A system according to claim 2, wherein the security 
criterium indication comprises a flag, an attribute or a data structure. 

5. (Canceled) 

6. (Previously Presented) A system according to claim 1, wherein the gateway 
packet data node comprises a Gateway GPRS Support Node (GGSN). 

7. (Previously Presented) A system according to, claim 1 wherein the security 
indicating and distributing means are provided in a Home Location Register (HLR). 

8. (Previously Presented) A system according to claim I, wherein the security 
indicating and distributing means are provided in a Domain Name Server (DNS). 

9. (Previously Presented) A system according to claim 1, wherein the security 
indicating means are provided in a CGSN comprising the functionality of a GGSN and SGSN. 

10. (Previously Presented) A system according to claim 1, wherein the access 
point is security indicated through providing an Access Point Name thereof with the security 
indication. 

11. (Previously Presented) A system according to claim 1, wherein the access 
point connections comprise Packet Data Protocol (PDP) contexts. 
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12. (Previously Presented) A system according to claim 11, wherein the 
enforcement mechanism is dynamic, and the packet data support node means are provided for 
dropping all traffic packets of other PDP contexts not meeting the security criterium when a 
simultaneous PDP context to a security marked access point is used for communication of 
packets. 

13. (Previously Presented) A system according to claim 12, wherein the packet 
data node comprises means for detecting traffic on a PDP context to a security indicated access 
point, and means for activating security protection further comprises means for, after lapse of a 
predetermined, configurable time period after sending of the last packet on a PDP context with a 
security indication, allowing traffic on other PDP contexts again. 

14. (Previously Presented) A system according to claim 1, wherein the 
enforcement mechanism is static and means are provided in a packet data support node for 
deactivating access point connections which do not meet the security criterium when a security 
condition is met for one connection to a security indicated access point. 

15. (Previously Presented) A system according to claim 14, wherein the 
security condition is met when a request is received in the packet data support node relating to 
activation of a PDP context to a security indicated APN. 

16. (Previously Presented) A system according to claim 14, wherein the 
security condition is met when a PDP context to a security marked APN has been activated in the 

packet data support node. 

17. (Previously Presented) A system according to claim 14, wherein the 
security condition is met when traffic packet is detected on a PDP context to a security indicated 
access point. 
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18. (Previously Presented) A system according to claim 16, wherein the packet 
data support node comprises means for re-activation of deactivated PDP contexts, and in that 
said means are end user controlled. 

19-37. (Canceled) 

38. (Currently Amended) A method for enhancing security of end user station access 
to Internet and intranet, comprising the steps of: 

establishing an access point needs to be secure; 

providing the access point with a security indication with one or more criteria in a 
network node, 

distributing the security indication to a packet data support node, 

enforcing the security indication by at least preventing all traffic on all access point 
connections conflicting a first security indicated access point connection through the security 
indicated access point and not fulfUhng the security criteria at least until a last packet of the 
security indicated access point connection has been sen t, and 

wherein the security criterium indication comprises an indication as to the criterium to be 
fulfilled for concurrent conflicting access point connections in order for the concurrent 
conflicting access point connections to be allowed simultaneously with a first secure access point 
connection . 

39. (Previously Presented) A method according to claim 38, wherein the step 
of distributing comprises the step of: 

providing the security indication in a gateway packet data node, in a home location 
register (HLR) or in a Domain Name Server (DNS). 

40. (Previously Presented) A method according to claim 38, wherein the step 
of providing a security indication comprises, 

providing an Access Point Name (APN) with the security indication. 
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41 . (Previously Presented) A method according to claim 40, wherein the access 
point connections comprise PDP contexts. 

42. (Previously Presented) A method according to claim 41, wherein the 
enforcing step comprises: 

dropping all traffic packets of all other PDP contexts than a first incoming security 
requiring PDP context which do not meet the security criteria. 

43. (Previously Presented) A method according to claim 41, wherein the 
enforcing step comprises: 

deactivating all other conflicting PDP contexts than a first security requiring PDP 
context, which do not fulfill the security criteria. 

5. Any comments considered necessary by applicant must be submitted no later than the 
payment of the issue fee and, to avoid processing delays, should preferably accompany 
the issue fee. Such submissions should be clearly labeled "Comments on Statement of 
Reasons for Allowance." 

6. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Liangche A. Wang whose telephone number is (571)272- 
3992. The examiner can normally be reached on Monday thru Friday, 8:30 am to 5:00 
pm. 

7. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Joon H Hwang can be reached on (571)272-4036. The fax phone number for 
the organization where this apphcation or proceeding is assigned is 571-273-8300. 
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8. Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO 
Customer Service Representative or access to the automated information system, call 
800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



Liang-che Alex Wang 
March 29, 2011 

/Liangche A. Wang/ 

Primary Examiner, Art Unit 2447 



